So I'm suing Cryptsy. If you can't withdraw your coins, feel free to add your name to the lawsuit. We will win this.

I've got some pretty disturbing news to report about Cryptsy which I believe is going to cause the site to go full-Mt. Gox, very very soon. If you have any funds at that site, I urge you to read this post, you will thank me later.

They've stolen a huge amount of cryptocurrency from me, but unlike other victims of theirs, I meticulously recorded data which proves their direct theft of my funds, coordinated deception, conspiracy, and direct lying regarding my account. Unlike other victims, between what happened and my Data logs(which I can prove are authentic) vs. what they have said(thinking I did not have such data logs), I caught them in a series of coordinated lies/fraudulent statements through a series of support tickets and emails, indicating that Cryptsy directly stole my coins and then covered it up.

I'm not talking about weak system security or negligence, but direct, outright deception and fraud. I think one of the criminal charges which will come up for Cryptsy as a result of this case will be criminal conspiracy, since the process of theft indicates a coordinated cover up/deception plan.

Essentially, Big Vern = Mark Karpeles.

Higher ups in this Fraud Conspiracy run by Cryptsy include: Jim aka: “Jshock” Customer Service Manager and BitJohn Chief Operations Officer are/were directly involved in perpetuating this fraud/theft. This is in addition to several support and verifications staff, including someone by the support name of “Horus”, who I demanded a real name from, he responded “John MacPherson -- I am not hiding behind a fake support name.” (I am nearly certain John MacPherson is indeed a fake name.) His email signature is “HorusDirector -CryptsyCanada Head of Anti-Fraud and Investigations - Cryptsy.com”. Also, I am US based so Canada should have nothing to do with it.

BRIEF SUMMARY OF FRAUD/THEFT/DECEPTION/CONSPIRACY CLAIM:

1) Cryptsy arbitrarily, blocked, then deleted my withdraw requests from their records. [bT]hey then bypassed all security measures to change my PW and withdraw my funds, without my request, consent, or notification- while continuing(still now) to avoid either confirmation/denial that these events have taken place, and deleting/tampering/altering my login/withdraw/ request info.[/b]

Cryptsy claims even with correct(and unchanged) UN and PW, logging in from a pre-approved whitelisted IP, with 2-Factor Authentication PIN, and email 2FA confirmation for withdraw- they claim they still have the right to block my withdraws and that I must verify to withdraw.

2) On August 28, my ID verification was granted and my support ticket was closed. On Sept 2, they revoked my verified status and informed me via email.

3) As I was actively receiving “support”, Cryptsy staff changed my password without my consent, and without notifying me(bypassing ALL the security measures mentioned above), between my successful login on Sept 1 and Sept 2. On Sept 2, I noticed I could not log in, at which point I replied to my support ticket email and asked : “ Did you change my password for logging in???”. Cryptsy stops responding to my support ticket and refuses to answer the question.

4) Then, between Sept 2 and Sept 7, after dozens of back and forth's with support, they claim ignorance of why I cannot log in- continuing to avoid my question of “ Did you change my password for logging in???” . Of the excuses they give for my lack of ability to log in they say: (a) I need to log in from the whitelisted IP[I did] (b) They claimed I used an incorrect incapsula/captcha [there was no captcha in the first denied attempt, and in the subsequent attempts I did enter the correct captcha.]

5) September 5, support tells me the only way I can access my account is if I change my password. Yes you read that right. The same password that always worked until Sept 2.

{Cryptsy refuses to state up front what data/criteria are needed to change a password, they won't say because they want to ensure the criteria can never be met by me. I would guess/assume the criteria would include having some combination of the original pw, login pin 2FA, using a whitelisted IP to confirm, email 2FA. Meanwhile, they had changed my password between Sept 1 and Sept 2, bypassing any/all of these security measures which they are asking me(the account owner) for. They never informed me of the password change, and refused to answer my direct question about it when I confronted them with the question.

6) On Sept 6, I was told by BitJohn, the COO ,that there are no records of any login or password change attempts between my Sept 1 login and unsuccessful logins on Sept 4. At this point, I had already told them that I was going to sue if they did not solve the problem and give me my $ back.

Cryptsy deleted/removed/tampered with the login attempt logs, erasing all activity between my last successful login(Sept 2), until Sept 4.ALL login/PW change/withdrawals on Sept 2 and Sept 3 were deleted from their system. I was informed of nothing, and all changes to my account were made WITHOUT MY REQUEST, CONSENT, OR NOTIFICATION.

I tried logging in on Sept 2 (as I have said, the first time I noticed I could not log in) and also Sept 3 a few times, all while in contact with support. I have the email confirms to prove this. Cryptsy erased these records, as well as the password change, from their records.

7) I have asked Cryptsy directly several times if my funds are still in the account. They continue to ignore the question. I can only assume that when they illegally changed my password after my last successful login on Sept 1, they withdrew the funds from my account(Again, bypassing all the security barriers they demanded from me, and which I had in place to prevent exactly this.-2FA for logins and withdraws, and my one IP which they admitted was a whitelisted IP at the time)

Then, they deleted these records (Sept 2-3) to cover their tracks.

Cryptsy still refuses to confirm or deny that they changed my PW, deleted records, or that any funds are missing/withdrawn from my account between Sept 1 and now. They also refuse to confirm or deny how or on what grounds they removed/bypassed my security measures(2fa,whitelist, et cetera) for both PW change and funds withdrawal.

9) Cryptsy also refuses to put these security measures back on my account(withdraw confirm 2fa, et cetera). If they claim in court that the funds are still (as of now, Sept 7) in the account and not withdrawn during the Sept 1-Sept 7time period- Know that they removed all security measures, so that Cryptsy can withdraw funds from a non-approved IP, without informing me, in the future. I have specifically requested(since 7-11, and now) only the whitelisted IP(otherwise, what is the purpose of a whitelist?) may log into my account and withdraw funds. They've arbitrarily removed my whitelist without reason, and refuse to re-implement security measures, essentially locking the door and then leaving it wide open to be stolen by Cryptsy staff.

10) From my same IP, I opened a totally separate Cryptsy account back in 2013, then I also opened several new/totally separate accounts in late August when my withdraws were blocked. Today I tried to log into these completely separate accounts. ALL logins for all these Username, Password combos were denied with the message “bad username or password”. JUST AS WITH MY MAIN ACCOUNT DISCUSSED HERE, NEVER DID I ONCE REQUEST A PW CHANGE ON ANY OF THESE ACCOUNTS, NOR WAS I EVER NOTIFIED OF A PW CHANGE ON ANY OF THESE ACCOUNTS.

ARE YOUR FUNDS BLOCKED at Cryptsy? Try withdrawing now and see what happens, post your story here:- My personal guess/estimate is that you have about t-30 days until Cryptsy completely jumps ship Gox style.- Some ways they will block your withdraws: 1) saying you have a wrong destination address 2) preventing you from trading into other coins to make withdraws from that coin 3) leaving your withdraws as “pending” indefinitely, then canceling the request and wiping the records clean that any request was made. 4) Getting notification within the site that your withdraws have been approved, but some of the transactions never go through. In my case, when I made 3 withdraw requests on 3 coins, they all registered as confirmed and approved, the first went through and the other two were blocked. Check to make sure your withdraw actually made it to the destination address.

But you said you had a lot of evidence and thats only writings and how do you know someone didnt hack your account and changed your password? I personally never had problems with cryptsy and i had deposits of over 1 bitcoin i dont know if you had more, they are indeed sometimes slow and your orders got sometimes cancelled but i dont know, i dont think they are scammers and if your account got locked there is gotta be a reason that you are not telling us

But you said you had a lot of evidence and thats only writings and how do you know someone didnt hack your account and changed your password? I personally never had problems with cryptsy and i had deposits of over 1 bitcoin i dont know if you had more, they are indeed sometimes slow and your orders got sometimes cancelled but i dont know, i dont think they are scammers and if your account got locked there is gotta be a reason that you are not telling us

it should be impossible for an outsider to bypass both 2fa authentications. did you even read the OP?

But you said you had a lot of evidence and thats only writings and how do you know someone didnt hack your account and changed your password? I personally never had problems with cryptsy and i had deposits of over 1 bitcoin i dont know if you had more, they are indeed sometimes slow and your orders got sometimes cancelled but i dont know, i dont think they are scammers and if your account got locked there is gotta be a reason that you are not telling us

it should be impossible for an outsider to bypass both 2fa authentications. did you even read the OP?

''impossible'' is a big word and no it is not impossible to bypass that and as the last guy said here he could have just reseted his password and problem solved, there is obviously more to it than he tells us, all the accusations i see here against btc-e or cryptsy end up being false.

This user refuses to reset his password in order to regain control of his account. If he just does a simple password reset he would have had his coins forever ago.

1. Cryptsy cant change your password they have no way to do so only users can.2. User not wanting to do a password change generally means to me they don't control the account and cannot reset it.

So as soon as he resets his password he will have his coins its really pretty simple. He just refuses to do so, and refuses to acknowledge the fact that he forgot his password.

If this is true, then the OP seems fishy if he can't simply reset his password. I'd love to see his response to this.

The thing is I honestly believe he is who he says he is. I just think he forgot his password its never been changed, but like I said our system doesnt allow us to force a password change.

As far as his accusations about changing security on his account. He had a whitelist IP that we removed as a potential issue. The whitelist IP doesn't prevent other ips from using an account it just ensures that certain IP's don't get blocked due to high API activity.

We wont send him his DASH to an address manually because our system also doesn't allow this. Only users can withdraw users funds.

So like I told the OP in numerous tickets do a password reset. Wait the mandatory password change 24 hours and withdraw your funds.

This user refuses to reset his password in order to regain control of his account. If he just does a simple password reset he would have had his coins forever ago.

1. Cryptsy cant change your password they have no way to do so only users can.2. User not wanting to do a password change generally means to me they don't control the account and cannot reset it.

So as soon as he resets his password he will have his coins its really pretty simple. He just refuses to do so, and refuses to acknowledge the fact that he forgot his password.

If this is true, then the OP seems fishy if he can't simply reset his password. I'd love to see his response to this.

The thing is I honestly believe he is who he says he is. I just think he forgot his password its never been changed, but like I said our system doesnt allow us to force a password change.

As far as his accusations about changing security on his account. He had a whitelist IP that we removed as a potential issue. The whitelist IP doesn't prevent other ips from using an account it just ensures that certain IP's don't get blocked due to high API activity.

We wont send him his DASH to an address manually because our system also doesn't allow this. Only users can withdraw users funds.

So like I told the OP in numerous tickets do a password reset. Wait the mandatory password change 24 hours and withdraw your funds.

Isn't there something in your terms about not discussing/disclosing/sharing customer account related information in public? Not sure how privacy laws are where you are but discussing customer information in a public forum is a big NO NO where I'm from and could lead to very serious consequences for a company doing it intentionally and recklessly.

The only thing I am addressing is the OP's accusation not his account information.

You're giving out information about the status and resolution of his tickets and what he is willing and unwilling to do (read that as interaction with the customer), that's personal information in case you're wondering.

There is a big difference between saying "While for privacy and security reasons Cryptsy doesn't discuss customer personal cases in public we would like to state on record that these claims are unfounded bla bla bla. We believe in the integrity of our systems and are diligently working with this users towards a resolution. bla bla bla", that's a lot different than "shaming" the customer in public saying "we told him this", "he doesn't want to do that". *If* some of what he says is true the story isn't as simple as you make it seems.

Hi all. To respond to the most important of your replies and say a few things.

1) See for yourself. Try to withdraw your coins(not just a small withdraw), but full. See what happens.

2) BitJohn is LYING THROUGH HIS TEETH. Don't believe him for a second.

Quote

1. Cryptsy cant change your password they have no way to do so only users can.

ABSOLUTE AND TOTAL LIE. STRAIGHT UP LIE, WILL BE PROVEN BEFORE THE COURT.

To the community: use Lastpass and take Screenshots of everything

The idea that I "forgot" my password between Sept 1 and my Sept login attempt is laughable. I use Lastpass, and also have it written offline. My lastpass data(which will be presented in court) will prove that the exact same password was used on Sept 1 to login successfully, and Sept 2 to log in unsuccessfully. Also, you locked me out of all my other accounts with a "Bad password" message......facepalm.

And when I asked about the changed password/account activity/login in formation for Sept 2, I repeatedly get stonewalled. I was then told there was NO RECORD of the Sept 2 login attempt, which again, I have absolute proof of in the form of the auto-emails from Cryptsy which I saved.

BitJohn won't admit that the password was changed sometime after Sept 1 but before my Sept 2 login attempt.

And, DRUMROLL:BitJohn won't say up front what info is required to change a password(because they change it for each person, they keep asking for info until they find a single piece you can't give).

One huge reason for this is that he will have to admit that security measures such as: my Un and PW, my login 2fa pin, email 2fa, whitelisted IP, were all BYPASSED OR TURNED OFF BY CRYPTSY STAFF TO CHANGE MY PW AFTER My SEPT 1 LOGIN, BEFORE MY SEPT 2 UNSUCESSFUL LOGIN.

Whatever security criteria BitJohn had for a PW change(which were extensive, as listed), to change my PW after Sept 1, and the criteria he will ask me to change the password now- WILL NOT BE THE SAME. BITJOHN CANNOT SAY WHAT INFO WAS NEEDED TO CHANGE MY PW AFTER SEPT 1, AND WHAT CRITERIA IT WOULD NEED TO CHANGE MY PW IN THE FUTURE.

Think about it guys. These guys are malicious social engineers- I am not- they will always try to divert the conversation away from the important thing, and avoid questions, and when pressed they will lie through their teeth, such as what BitJohn already did with "1.".

See my previous posts to see I've pursued justice against other scammers. I'm happy to say Interpol is currently after Alberto Armandi. Please see through their petty tricks.

Also, If you have a Cryptsy Account, CHECK FOR YOURSELF HOW A WHITELISTED IP WORKS. ITS A SECURITY MEASURE WHICH DENOTES THAT ONLY USERS FROM THE REGISTERED IP MAY LOGIN OR WITHDRAW.

BitJohn: Address my accusation that records on my account were deleted from your system on Sept 2? Because I was told by you that you only Have login attempts for Sept 1, then Sept 4. Destruction of evidence.

BitJohn now claims they can't send me $ without me logging in. THATS B/C MY CRYPTO HAS (With 90% certainty- the other possibility is that the allow me to login but everything is locked, but that's not likely since their string of lies is going to have to get more and more absurd as they explain why my withdraws and trading are still blocked-Hence I'm asking for them to send me my coins to the addresses posted. BitJohn saying they can't? Again, a BitJohn lies) CRYPTO HAS ALREADY BEEN STOLEN OUT OF THE ACCOUNT AND THEY REFUSE TO CONFIRM OR DENY THIS.

CRYPTSY STAFF IS THE ONLY ENTITY ABLE/AUTHORIZED TO REMOVE 3, 2FA OPTIONS FROM AN ACCOUNT WHILE THEY WERE FIELDING MY SUPPORT TICKET , TELLING ME THE REASON i COULDN'T LOG IN IS BECAUSE I WASNT USING THE WHITELISTED IP(I WAS).

First, the reason they told me for not being able to login was that I wasn't entering a captcha correctly!(The Sept 2 login had no captcha, just UN an PW. The second reason they told me for not being able to login: they said I wasn't using the whitelisted IP!!!!!!!!! (I was, now since I've caught them, they are saying I "forgot" the password...)

BITJOHN: ADDRESS THE FACT YOU LIED TO ME ABOUT WHY I WAS HAVING LOGIN PROBLEMS AS DESCRIBED IN THE ABOVE PARAGRAPH.!!!![/u]

And again, BitJohn is lying about his point #1, of course Cryptsy can change passwords. Are you kidding me? REFUND MY MONEY

Personally, I've never had a problem with Cryptsy and I know I'm not the only one. Having said that, I'm not taking sides here but I do question your decision to publicize your dispute at this stage of the game. In any event I will be watching...

Bitcoin...the future of all monetary transactions...and always will be

Hi all. To respond to the most important of your replies and say a few things.

1) See for yourself. Try to withdraw your coins(not just a small withdraw), but full. See what happens.

We have withdraws going out all the time. This isn't a held withdraw its a user account access problem, and I have told you the solution reset your password. There is only one possible reason I can imagine why you would do that, and that would be if you are not the owner of the email associated with the account.

2) BitJohn is LYING THROUGH HIS TEETH. Don't believe him for a second.

Quote

1. Cryptsy cant change your password they have no way to do so only users can.

ABSOLUTE AND TOTAL LIE. STRAIGHT UP LIE, WILL BE PROVEN BEFORE THE COURT.

Our admin interface is intentionally setup so only you can reset your password. If any agent could do that then it would be a horrible security issue To the community: use Lastpass and take Screenshots of everything

The idea that I "forgot" my password between Sept 1 and my Sept login attempt is laughable. I use Lastpass, and also have it written offline. My lastpass data(which will be presented in court) will prove that the exact same password was used on Sept 1 to login successfully, and Sept 2 to log in unsuccessfully. Also, you locked me out of all my other accounts with a "Bad password" message......facepalm.

And when I asked about the changed password/account activity/login in formation for Sept 2, I repeatedly get stonewalled. I was then told there was NO RECORD of the Sept 2 login attempt, which again, I have absolute proof of in the form of the auto-emails from Cryptsy which I saved.

Ill have the developers run another query

BitJohn won't admit that the password was changed sometime after Sept 1 but before my Sept 2 login attempt.

There is nothing showing that your password has changed at anytime actually

And, DRUMROLL:BitJohn won't say up front what info is required to change a password(because they change it for each person, they keep asking for info until they find a single piece you can't give).

Its like two steps..... You click reset password and it emails you....

BitJohn: Address my accusation that records on my account were deleted from your system on Sept 2? Because I was told by you that you only Have login attempts for Sept 1, then Sept 4. Destruction of evidence.

I had the developers run a scan and it showed a successful login on the first and failed logins after.

BitJohn now claims they can't send me $ without me logging in. THATS B/C MY CRYPTO HAS (With 90% certainty- the other possibility is that the allow me to login but everything is locked, but that's not likely since their string of lies is going to have to get more and more absurd as they explain why my withdraws and trading are still blocked-Hence I'm asking for them to send me my coins to the addresses posted. BitJohn saying they can't? Again, a LIE)ALREADY BEEN STOLEN OUT OF THE ACCOUNT AND THEY REFUSE TO CONFIRM OR DENY THIS. CRYPTSY STAFF IS THE ONLY ENTITY ABLE/AUTHORIZED TO REMOVE 3, 2FA OPTIONS FROM AN ACCOUNT WHILE THEY WERE FIELDING MY SUPPORT TICKET, TELLING ME THE REASON i COULDN'T LOG IN IS BECAUSE I WASNT USING THE WHITELISTED IP(I WAS).

No we wont process a withdraw if you wont login to your account to process it.

Again all of your funds are in your account reset your password they are still happily waiting for you to withdraw at any time you please.

First, the reason they told me for not being able to login was that I wasn't entering a captcha correctly!(The Sept 2 login had no captcha, just UN an PW. The second reason they told me for not being able to login: they said I wasn't using the whitelisted IP!!!!!!!!! (I was, now since I've caught them, they are saying I "forgot" the password...)BITJOHN: ADDRESS THE FACT YOU LIED TO ME ABOUT WHY i WAS HAVING LOGIN PROBLEMS AS DESCRIBED IN THIS PARAGRAPH.!!!!

Discussions you had with prior tiers of support was all agents trying to resolve your issue which led to us suggesting you reset your password....

And again, BitJohn is lying about his point #1, of course Cryptsy can change passwords. Are you kidding me? REFUND MY MONEY

Again why would we want an admin panel where anyone can change any users passwords? Don't you think that having 15 agents have access to such a feature in the BTC world would be a bad idea?

Interesting. Ever since Cryptsy's involvement with Joshua Garza and the Paycoin scam I have 100% not used their service and recommend everybody else not to even consider doing business with them. The fact that an issue like this is even on a forum is absolutely unacceptable in a business standpoint and they're the only ones to blame. OP has multiple layered security that would keep any account safe even if they were hacked and sniffed for credentials. The fact that he has a password encrypting and saving service makes it impossible to forget his password. So somehow in a day his password became unusable with no records of any password change on the system? This is either a direct hack on cryptsy servers or more fraud (which they have proven themselves capable of by dealing with Mr. Garza). Which one do you think is worse?

Interesting. Ever since Cryptsy's involvement with Joshua Garza and the Paycoin scam I have 100% not used their service and recommend everybody else not to even consider doing business with them. The fact that an issue like this is even on a forum is absolutely unacceptable in a business standpoint and they're the only ones to blame. OP has multiple layered security that would keep any account safe even if they were hacked and sniffed for credentials. The fact that he has a password encrypting and saving service makes it impossible to forget his password. So somehow in a day his password became unusable with no records of any password change on the system? This is either a direct hack on cryptsy servers or more fraud (which they have proven themselves capable of by dealing with Mr. Garza). Which one do you think is worse?

Really Paycoin? We listed Paycoin like all the other exchanges, and accepter a prime controller post Garza. Which we never profited from nor used...

Again no clue how the user lost his password. Again his funds are nice, and safe in his account. Again all he has to do is RESET his password, and withdraw his funds. For some odd reason he refuses to do so.....